ABSTRACT:

An integrated circuit comprises logic circuitry, such as a microprocessor, and a secure co-processor protected by a cocoon. The co-processor is connected to the logic circuitry at least by data lines. The co-processor comprises a cryptographic engine and a volatile storage element for storing a secret key.
(54) Integrated circuit and method for secure data processing by means of this integrated circuit



Description

The present invention relates to an integrated circuit, and to a method for secure data processing using a secret key by means of this integrated circuit.

In the areas of pay television, banking, or any other environment of secure data processing, the system or method used relies on the secure storage of a secret piece of information, i.e. a secret key. This secret key is used by a microprocessor for carrying out cryptographic functions. In the integrated circuits comprising a microprocessor and storage element for the secret key, security is obtained by making the entire microprocessor and storage element secure by encapsulating the complete circuitry in a cocoon, labyrinth or encapsulation which may comprise power, ground and/or sense wires. However, encapsulating the complete circuitry is rather complex in view of the area size of the circuitry in the integrated circuit chip. Further, there are several connections between the microprocessor and peripheral circuitry, each of these connections being a possible point of attack for unauthorized persons to obtain information which can be used in finding the secret key. Moreover, if the operation of the microprocessor is stopped during a cryptographic operation, the registers of the microprocessor contain information which can be used by unauthorized persons to derive the secret key. It will be clear that as soon as the secret key has been found by unauthorized persons, the security of the system has been broken.

The invention aims to provide an integrated circuit and method of the above-mentioned type with enhanced security.

According to the invention an integrated circuit is provided, comprising logic circuitry, preferably a microprocessor, and a secure co-processor protected by a cocoon, said co-processor being connected to said logic circuitry at least by data lines, wherein said co-processor comprises a cryptographic engine and a volatile storage element for storing a secret key.

In this manner an integrated circuit is provided wherein only a small part of the circuitry, i.e. the secure co-processor or secure cell, needs to be encapsulated in a cocoon, which in view of the small size of the co-processor area is possible in a relatively easy manner with high security. All storage and cryptographic functions are contained within the cocoon, so that no part of any cryptographic process is visible to any external means at any stage of its operation. Only messages from the microprocessor to be processed by the secure co-processor and processed messages are available on the data lines, which information however provides no information at all regarding the secret key. In this manner it is impossible for any third party to find any information on the secret key in an attempt to break the security.

As the secret key is stored in a volatile storage element, any attempt to access the secure co-processor will result in a loss of the secret key as such an attempt will be detected by the cocoon resulting in a loss of power and thereby in erasure of the secret key.

According to the invention a method for secure data processing is provided using a secret key, comprising the steps of loading the secret key in the storage element, sending encrypted information from the microprocessor to the co-processor via the data lines together with control information, using the secret key to decrypt said information in accordance with the control information in the co-processor, authenticating the decrypted information, and using the decrypted information in accordance with the control information.

The invention will be further explained by reference to the drawing in which an embodiment of the integrated circuit according to the invention is shown in a very schematical manner.

By way of example it will be assumed that the integrated circuit shown is part of a smart card used in the conditional access module of a decoder system for pay television. However, the invention is certainly not restricted to such an application. On the contrary, the invention can be used in a wide area of cryptographic applications.

The integrated circuit comprises a microprocessor 1 and a secure co-processor 2 encapsulated in a cocoon 3 of security wires which may include power, ground and/or sense wires. The security wires 3 are indicated by a dashed line surrounding the co-processor 2. In the actual integrated circuit the co-processor 2 will be covered substantially completely by the security wires at least at the top and bottom sides. It is observed that the term cocoon as used in this specification can be a labyrinth, cover or encapsulation of power, ground and/or sense wires or another active or passive means preventing access to the co-processor 2.

The co-processor 2 is connected to other circuitry of the integrated circuit, in particular to a clock circuit not shown and to the microprocessor 1 by clock and data lines 4, 5. The co-processor 2 comprises a cryptographic unit 6, a control unit 7 and a volatile storage element 8 for storing a secret key. The cryptographic unit 6 comprises a decryption engine 9, an authentication engine 10 and preferably also an encryption engine 11. Further, the cryptographic unit 6 includes a one-way function block 12 to load the secret key into the storage element 8. Power consumption of the elements of the secure co-processor 2 is very low and power is provided by a battery not shown.

The storage element 8 for the secret key and all cryptographic functions are contained within the cocoon 3, so that no part of any cryptographic process is accessible to any external means at any stage of operation of the co-processor 2. The actual decryption, encryption and/or authentication functions are no part of the present invention and therefore a detailed description of such functions is not necessary. Any decryption, encryption or authentication normally used in cryptographic processes can be implemented in the logic circuitry of the co-processor 2. It is noted, however, that the number of logic elements used for the co-processor 2 is preferably as small as possible as this will result in a small cocoon with very high security.

Any attempt to enter the cocoon 3 will result in a contact with any of the sense wires or a short circuiting of ground and power wires so that the power of the co-processor 2 will be disconnected. Such an attempt would therefore lead to an erasure of the secret key stored in the storage element 8.

Using the integrated circuit described, data processing is possible in a very secure manner by first loading a secret key in the storage element 8 by sending a seed through the one-way function block 12 to the storage element. As the secret key is loaded through the data lines 5 to the secure co-processor using the one-way function, for example a one-way hash function, the smart card cannot be re-used even if a secret key has been determined by unauthorized persons, as the one-way function is unknown.

After loading the secret key in the storage element 8, the microprocessor 1 can request the co-processor 2 to decrypt encrypted information forwarded via the data lines 5 to the co-processor 2 together with control information to indicate the requested operation to the control unit 7, and an authentication vector. The co-processor 2 uses the secret key to decrypt the information and the decrypted information is authenticated in a usual manner. The decrypted information is thereafter used by the co-processor 2 in accordance with the control information and this control information can either indicate that the decrypted information should be returned to the microprocessor 1 or should for example be used as a key for a next decryption step on a next encrypted information message from the microprocessor 1. In this latter case a chain of two or more decryption steps can be performed within the co-processor 2 without returning decrypted information to the microprocessor 1.

The control information in the messages provided by the microprocessor can contain information as to which decryption or encryption algorithm is to be used by the co-processor 2 and any other required configuration information.
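
An added software model of the message flow described above, given here as an illustration and not part of the patent text. SHA-256 stands in for the undisclosed one-way function, an XOR keystream for the decryption engine and HMAC-SHA256 for the authentication vector; the RETURN/CHAIN control codes and all names are constructed assumptions.

```python
import hashlib
import hmac

RETURN, CHAIN = 0, 1  # constructed control codes; the patent defines no encoding

def one_way(seed: bytes) -> bytes:
    """Stand-in for one-way function block 12 (SHA-256 with a made-up label)."""
    return hashlib.sha256(b"block-12|" + seed).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream (illustration only)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(key: bytes, plaintext: bytes) -> bytes:
    """Assumed authentication vector: HMAC-SHA256 over the plaintext."""
    return hmac.new(key, plaintext, hashlib.sha256).digest()

def seal(key: bytes, plaintext: bytes):
    """Issuer side: build (ciphertext, authentication vector) for one message."""
    return _xor_stream(key, plaintext), _tag(key, plaintext)

class SecureCoprocessor:
    """Models units 6-8 and 12 inside cocoon 3; keys never leave this object."""

    def __init__(self):
        self._key = None   # volatile storage element 8
        self._next = None  # decrypted key held for the next message (CHAIN)

    def load_seed(self, seed: bytes) -> None:
        self._key = one_way(seed)

    def tamper(self) -> None:
        """Cocoon breached: power is cut and the volatile contents are lost."""
        self._key = self._next = None

    def process(self, control: int, ciphertext: bytes, auth: bytes):
        key = self._next or self._key
        if key is None:
            raise RuntimeError("no secret key in storage element")
        self._next = None
        plaintext = _xor_stream(key, ciphertext)
        if not hmac.compare_digest(auth, _tag(key, plaintext)):
            raise ValueError("authentication of decrypted information failed")
        if control == CHAIN:
            self._next = plaintext  # used as key for the next message
            return None             # nothing is returned to microprocessor 1
        return plaintext
```

In this model a CHAIN message delivers a key that is consumed by exactly one following message, after which the stored secret key applies again; that reset rule is a modelling choice, not something the patent specifies.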

It is noted that although the co-processor 2 is shown as comprising a number of separate blocks the actual implementation of this co-processor can be made in any suitable manner.

The invention is not restricted to the above-described embodiment which can be varied in a number of ways within the scope of the claims.

Claims 


1. Integrated circuit, comprising logic circuitry, preferably a microprocessor, and a secure co-processor protected by a cocoon, said co-processor being connected to said logic circuitry at least by data lines, wherein said co-processor comprises a cryptographic engine and a volatile storage element for storing a secret key.

2. Integrated circuit according to claim 1, wherein said secure co-processor comprises a one-way function unit, wherein a secret key is loaded in said storage element by providing a seed to said one-way function unit.

3. Integrated circuit according to claim 1 or 2, wherein the cryptographic engine comprises a control unit, a decryption engine and an authentication engine.

4. Integrated circuit according to claim 3, wherein the cryptographic engine further comprises an encryption engine.

5. Integrated circuit according to any one of the preceding claims, wherein said cocoon comprises security wires, preferably including power, ground and/or sense wires.

6. Integrated circuit according to any one of the preceding claims, wherein at least the volatile storage element for the secret key is powered by a battery.

7. Method for secure data processing using a secret key by using an integrated circuit according to any one of the preceding claims, comprising the steps of

- loading a secret key in the storage element,

- sending encrypted information from the microprocessor to the co-processor via the data lines together with control information,

- using the secret key to decrypt said information in accordance with the control information in the co-processor,

- authenticating the decrypted information, and

- using the decrypted information in accordance with the control information.

8. Method according to claim 7, wherein the decrypted information is used as decryption key in the co-processor to decrypt further encrypted information received from the microprocessor.

9. Method according to claim 7 or 8, wherein the decrypted information is returned to the microprocessor.

10. Method according to claim 7, 8 or 9, wherein the secret key is loaded into a storage element by applying a one-way function on a seed.